From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: Liran Alon <liran.alon@oracle.com>,
kvm@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
Jim Mattson <jmattson@google.com>,
linux-kernel@vger.kernel.org, Roman Kagan <rkagan@virtuozzo.com>
Subject: Re: [PATCH RFC 3/3] x86/kvm/hyper-v: don't allow to turn on unsupported VMX controls for nested guests
Date: Thu, 16 Jan 2020 08:21:02 -0800 [thread overview]
Message-ID: <20200116162101.GD20561@linux.intel.com> (raw)
In-Reply-To: <874kwvixuq.fsf@vitty.brq.redhat.com>
On Thu, Jan 16, 2020 at 09:55:57AM +0100, Vitaly Kuznetsov wrote:
> Liran Alon <liran.alon@oracle.com> writes:
>
> >> On 15 Jan 2020, at 19:10, Vitaly Kuznetsov <vkuznets@redhat.com> wrote:
> >>
> >> Sane L1 hypervisors are not supposed to turn any of the unsupported VMX
> >> controls on for its guests and nested_vmx_check_controls() checks for
> >> that. This is, however, not the case for the controls which are supported
> >> on the host but are missing in enlightened VMCS and when eVMCS is in use.
> >>
> >> It would certainly be possible to add these missing checks to
> >> nested_check_vm_execution_controls()/_vm_exit_controls()/.. but it seems
> >> preferable to keep eVMCS-specific stuff in eVMCS and reduce the impact on
> >> non-eVMCS guests by doing less unrelated checks. Create a separate
> >> nested_evmcs_check_controls() for this purpose.
> >>
> >> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
> >> ---
> >> arch/x86/kvm/vmx/evmcs.c | 56 ++++++++++++++++++++++++++++++++++++++-
> >> arch/x86/kvm/vmx/evmcs.h | 1 +
> >> arch/x86/kvm/vmx/nested.c | 3 +++
> >> 3 files changed, 59 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c
> >> index b5d6582ba589..88f462866396 100644
> >> --- a/arch/x86/kvm/vmx/evmcs.c
> >> +++ b/arch/x86/kvm/vmx/evmcs.c
> >> @@ -4,9 +4,11 @@
> >> #include <linux/smp.h>
> >>
> >> #include "../hyperv.h"
> >> -#include "evmcs.h"
> >> #include "vmcs.h"
> >> +#include "vmcs12.h"
> >> +#include "evmcs.h"
> >> #include "vmx.h"
> >> +#include "trace.h"
> >>
> >> DEFINE_STATIC_KEY_FALSE(enable_evmcs);
> >>
> >> @@ -378,6 +380,58 @@ void nested_evmcs_filter_control_msr(u32 msr_index, u64 *pdata)
> >> *pdata = ctl_low | ((u64)ctl_high << 32);
> >> }
> >>
> >> +int nested_evmcs_check_controls(struct vmcs12 *vmcs12)
> >> +{
> >> + int ret = 0;
> >> + u32 unsupp_ctl;
> >> +
> >> + unsupp_ctl = vmcs12->pin_based_vm_exec_control &
> >> + EVMCS1_UNSUPPORTED_PINCTRL;
> >> + if (unsupp_ctl) {
> >> + trace_kvm_nested_vmenter_failed(
> >> + "eVMCS: unsupported pin-based VM-execution controls",
> >> + unsupp_ctl);
> >
> > Why not move "CC” macro from nested.c to nested.h and use it here as-well instead of replicating it’s logic?
> >
>
> Because error messages I add are both human readable and conform to SDM!
> :-)
>
> On a more serious not yes, we should probably do that. We may even want
> to use it in non-nesting (and non VMX) code in KVM.
No, the CC() macro is short for Consistency Check, i.e. specific to nVMX.
Even if KVM ends up adding nested_evmcs_check_controls(), which I'm hoping
can be avoided, I'd still be hesitant to expose CC() in nested.h.
next prev parent reply other threads:[~2020-01-16 16:21 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-15 17:10 [PATCH RFC 0/3] x86/kvm/hyper-v: fix enlightened VMCS & QEMU4.2 Vitaly Kuznetsov
2020-01-15 17:10 ` [PATCH RFC 1/3] x86/kvm/hyper-v: remove stale evmcs_already_enabled check from nested_enable_evmcs() Vitaly Kuznetsov
2020-01-15 22:50 ` Liran Alon
2020-01-15 17:10 ` [PATCH RFC 2/3] x86/kvm/hyper-v: move VMX controls sanitization out of nested_enable_evmcs() Vitaly Kuznetsov
2020-01-15 22:49 ` Liran Alon
2020-01-16 8:37 ` Vitaly Kuznetsov
2020-02-03 15:11 ` Vitaly Kuznetsov
2020-01-15 23:27 ` Sean Christopherson
2020-01-15 23:30 ` Liran Alon
2020-01-16 8:51 ` Vitaly Kuznetsov
2020-01-16 16:19 ` Sean Christopherson
2020-01-16 16:57 ` Vitaly Kuznetsov
2020-01-17 6:31 ` Sean Christopherson
2020-01-18 21:42 ` Paolo Bonzini
2020-01-19 8:54 ` Paolo Bonzini
2020-01-22 5:47 ` Sean Christopherson
2020-01-22 9:37 ` Vitaly Kuznetsov
2020-01-22 14:33 ` Paolo Bonzini
2020-01-22 15:08 ` Vitaly Kuznetsov
2020-01-22 15:51 ` Sean Christopherson
2020-01-22 16:29 ` Vitaly Kuznetsov
2020-01-22 16:40 ` Paolo Bonzini
2020-01-23 9:15 ` Vitaly Kuznetsov
2020-01-23 19:09 ` Vitaly Kuznetsov
2020-01-24 17:25 ` Sean Christopherson
2020-01-27 15:38 ` Vitaly Kuznetsov
2020-01-27 17:53 ` Paolo Bonzini
2020-01-27 21:52 ` Vitaly Kuznetsov
2020-01-27 18:17 ` Sean Christopherson
2020-01-15 17:10 ` [PATCH RFC 3/3] x86/kvm/hyper-v: don't allow to turn on unsupported VMX controls for nested guests Vitaly Kuznetsov
2020-01-15 22:59 ` Liran Alon
2020-01-16 8:55 ` Vitaly Kuznetsov
2020-01-16 16:21 ` Sean Christopherson [this message]
2020-01-19 8:57 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200116162101.GD20561@linux.intel.com \
--to=sean.j.christopherson@intel.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=liran.alon@oracle.com \
--cc=pbonzini@redhat.com \
--cc=rkagan@virtuozzo.com \
--cc=vkuznets@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.